Competitive comparison

Network detection and response delivers the most comprehensive insight into hidden threats and empowers incident responders to act with confidence. Network traffic analysis is a core technology for detecting hidden threats, but there are several decision criteria that you should consider. Read our detailed comparisons to learn more.

Featured upcoming events

About Vectra

Vectra is the world leader in applying artificial intelligence to detect and respond to cyberattacks in cloud, data center and enterprise infrastructures in real time, while empowering security analysts to perform conclusive incident investigations and AI-assisted threat hunting.

Comprehensive cyberattack detection and response is mandatory in today’s hostile data environments, and the stakes have never been higher. No other company comes close to Vectra in proactively hunting down cyberattackers and reducing business risk.

Our core team consists of threat researchers, white hats, data scientists, network security engineers, and UI designers. We constantly push the boundaries of what's possible to drive the next generation of security.

Blog - article

Sorry, this blog post has not been posted yet. Come back and check again later!

Insiders – Threat or Blessing?

By:

Oliver Brdiczka, Principal Data Scientist, Vectra Networks

November 12, 2014

Insiders leaking information about secretive government practices and decision-making have had their impact on public opinion and United States policies in recent years, but are these leaks for the benefit of society, or do they push a hidden agenda? The most prominent example is Edward Snowden who leaked significant amounts of classified information from the National Security Agency (NSA) about its practices. On September 23, Edward Snowden received the Swedish human rights award, also referred to as the alternative Nobel prize, for his revelations in 2013. Snowden, who “blew the whistle,” got rewarded “for his courage and skill in revealing the unprecedented extent of state surveillance violating basic democratic processes and constitutional rights.” Snowden’s actions have definitely led to an intense global debate on privacy and surveillance, including changes in policies and technology for a better society. On the other hand, Snowden has clearly misused the trust that was placed on him, causing enormous damage to U.S. national and foreign policies and indirectly benefitting other foreign powers.

In more general terms, a whistleblower exposes alleged misconduct or dishonesty, or illegal activity occurring within an organization. The alleged misconduct includes the violation of a law, rule, regulation and/or a direct threat to public interest, such as fraud, health and safety violations, and corruption.

The history of whistleblowing in the United States is almost as old as the country itself. The first case dates back to 1777 when Samuel Shaw and Richard Marven blew the whistle on the torturing of British prisoners of war.As consequence, the Continental Congress enacted the whistleblower protection law on July 30, 1778, by a unanimous vote and dismissed the responsible commander-in-chief of the Continental Navy. A modern version of this protection law is in place today, including special versions for employees in intelligence services.

Not all exposures of information by insiders need to be external, some recent revelations about illegal expense practices show that internal investigations are possible without any (bad) consequences for the whistleblower. Are insiders that blow the whistle externally sacrificing themselves for the sake of people and a better society? Or are they following their own hidden agenda to harm organizations for their own benefit?

There is no clear answer to these questions, as it will depend on the case at hand. Insiders per definition are employees or contractors that have entered a relationship of trust with the organization for which they work. Trust here means that, by entering into a work relationship with the organization, the insiders accept to abide by the rules and obligations that come with the position.

However, this relationship of trust does not, and should not, include alleged dishonest, unethical or illegal activity occurring in the organization. The insider must obey laws and hold to ethical practices, even in spite of his or her trusted relationship with his organization. But when it comes to internal processes and decision-making inside an organization, who decides what is ethical or even legal?

In light of revelations and leaks of information, the judgment of behavior inside an organization as “right or wrong” is ultimately left to the insider. He or she will subjectively decide whether the perceived wrongdoing of the organization outweighs the obligations of a trusted relationship with the organization, and whether he or she is willing to accept possible consequence of leaking information externally. It’s an individual judgment call without checks and balances, which can result in positive outcomes to society and people, or not.

While cases of whistleblowers such as Snowden or Manning have dominated the news, less light has been shed on insiders that do harm to their organization, either for their own personal gain, out of pure disgruntlement, or by simple neglect. The overwhelming majority of insider threat cases reported by CERT are in these categories and inflict enormous damages to government organizations and companies every year in the United States and worldwide. According to a recent warning issued by the FBI and the Department of Homeland Security, these kinds of insider threat cases are on the rise in recent months and “pose a significant cyber security threat to US businesses.” One incident can further incur costs of up to $3 million, according to recent FBI cases.

The following posts of this blog series aim to decode these insider threat cases, their impact and costs, and to discuss ways to prevent, detect and mitigate them.

About the author

Oliver Brdiczka

Oliver Brdiczka is an AI Architect at Adobe. He has led R&D teams and designed/build AI systems that understand and respond to human behavior, relying on data from various sensors and deployments. Before joining Adobe, he was an advisor at Quantiply Corporation and Yobs. Previously he was a co-founder and VP of AI research at Stella.ai and principal data scientist at Vectra. He received a masters in computer vision, robotics, and imagery and a PhD in computer science and artificial intelligence from Institut polytechnique de Grenoble.